The FreeBSD project has released an important security advisory, FreeBSD-SA-25:12, disclosing a critical remote code execution vulnerability (CVE-2025-14558) in the rtsold and rtsol programs, which process router advertisement packets for IPv6 Stateless Address Autoconfiguration (SLAAC). The vulnerability stems from the programs' failure to validate the domain search list option in router advertisement messages: the option content is passed directly to the resolvconf(8) script, which performs no input validation of its own, so the result is command injection. An attacker on the same network segment can execute arbitrary code on a FreeBSD system running the affected programs by sending specially crafted router advertisement messages; the attack scope is limited to the local link because router advertisements are not routable. The vulnerability affects all supported FreeBSD versions and was patched in an update released on December 16, 2025. The advisory stresses that this vulnerability underlines the importance of network-level protection and urges users to apply the security patches immediately. No temporary workaround is currently available.
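As an added illustration of the kind of check the advisory implies (this is example code, not FreeBSD's actual patch, which the page does not reproduce), the function below applies a strict allow-list to each domain name taken from the router advertisement's domain search list before it could be handed to a script such as resolvconf(8). The function name and the sample strings are constructed for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Allow-list check for one search-list domain (hypothetical helper).
 * Accepts only RFC 1035 host-name labels: letters, digits and hyphen,
 * no leading or trailing hyphen, 1..63 characters per label, labels
 * separated by single dots, at most 253 characters in total, and an
 * optional trailing dot for a fully-qualified name. Anything else,
 * including whitespace and every shell metacharacter, is rejected,
 * so no untrusted byte reaches a shell script unchecked.
 */
static int
valid_search_domain(const char *s)
{
	size_t len, i, lablen = 0;

	if (s == NULL)
		return (0);
	len = strlen(s);
	if (len > 1 && s[len - 1] == '.')	/* allow one trailing dot */
		len--;
	if (len == 0 || len > 253)
		return (0);
	for (i = 0; i <= len; i++) {
		/* Treat the end of the string as a final label boundary. */
		char c = (i < len) ? s[i] : '.';

		if (c == '.') {
			if (lablen == 0 || lablen > 63 || s[i - 1] == '-')
				return (0);	/* empty, too long or '-' at end */
			lablen = 0;
			continue;
		}
		if (lablen == 0 && c == '-')
			return (0);		/* label may not start with '-' */
		if (!isalnum((unsigned char)c) && c != '-')
			return (0);		/* not in the allow-list */
		lablen++;
	}
	return (1);
}

int
main(void)
{
	/* Constructed sample entries, not captured traffic. */
	const char *samples[] = { "example.com", "corp.example.net.",
	    "bad;example.com", "bad$example", "-bad.example", "bad-.example" };
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("%-20s %s\n", samples[i],
		    valid_search_domain(samples[i]) ? "accept" : "reject");
	return (0);
}
```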
Original link: Hacker News
